We are starting to get used to Chris being more than thorough with the topics he covers in his tutorials. The treatment he gave password cracking in his last article, Tutorial: Rainbow Tables and RainbowCrack, is now done for Terminal Server.

If you want to do any MS Terminal Server cracking you basically have your choice of three tools that can do it for you; TSgrinder, TScrack, and a patched version of RDesktop. This article and its companion Video: Terminal Server / RDP Password Cracking, takes you step-by-step through the concepts, tools and usage.

I would like to add simple clarification to your tutorial. Googling for “/TSWeb/default.htm” does not enumarate TS servers. Although it is very likely that TS server is available on IP of that web site, this is not always the case. TSWeb only offers ActiveX RDP client. You can use any "TSWeb" URL to connect to any other TS server.

Of course it would be nice, if for every published "cracking" tutorial, you would publish tutorial on how to increase security or reduce attack surface, also. For example, using TLS, multifactor authentication, or third party tools like 2xRDP,...